Chapter 4: Advanced Configuration
7. If the publicly accessible LAN computer uses a non-standard port number for the type of traffic it
receives, type the non-standard port number in the
Local Port
field.
8. Complete as described for general procedure (steps 6 to 10).
The basic rule: Performing 1:1 translations
The basic flavor translates the private (LAN-side) IP address to a public (WAN-side) address, like napt rules.
However, unlike napt rules, basic rules do not also translate the port numbers in the packet header; they
are passed through untranslated. Therefore, the basic rule does not provide the same level of security as
the napt rule.
1. On
the
NAT Rule - Add
page, select
BASIC
from the
Rule Flavor
drop-down list.
2. Define the rule ID and select the interface.
3. From
the
Protocol
drop-down list, select a protocol to which this rule applies, or choose
ANY
if the
rule applies to all data.
4. In
the
Local Address From/To
fields, type the starting and ending IP addresses that identify the range
of private address you want to be translated. Or, type the same address in both fields.
If you specify a range, each address will be translated in sequence to a corresponding address in a
range of global addresses (which you specify in step 5).
5. In
the
Global Address From/To
fields, type the starting and ending address that identify the pool of
public IP addresses to which to translate your private addresses. Or, type the same address in both
fields (if you also specified a single address in step 4).
6. Complete as described for general procedure (steps 6 to 10).
The filter rule: Configuring a basic rule with additional criteria
Like the basic flavor, the filter flavor translates public and private IP addresses on a one-to-one basis. The
filter flavor extends the capability of the basic rule.
You can use the filter rule if you want an address translation to occur only when your LAN computers
initiate access to specific destinations. The destinations can be identified by their IP addresses, server type
(such as FTP or Web server), or both.
Rev:01_040220
51